[Users] Pike module

Stefano Capitanio s.capitanio at caspur.it
Thu Dec 14 11:19:28 CET 2006


Hi Bogdan,

so what can I do if I want to block for 10 minutes the requests coming 
from the IP address that excedeed the limit?

thanks for your help,
Stefano

Bogdan-Andrei Iancu ha scritto:
> Hi Stefano,
>
> as the docs say:
>    http://www.openser.org/docs/modules/1.2.x/pike.html#AEN77
> the remove_latency is the time interval the node will be kept in 
> memory for (before being removed). It has nothing to do with the 
> interval the node is considered red (blocking).
>
> The fact the node stays in memory will lead to a faster "red" 
> detection as the IP will not be expanded again.
>
> regards,
> bogdan
>
> Stefano Capitanio wrote:
>
>> Hi,
>>
>> i want to use pike module to avoid brute-force attack on Register.
>> are the values of the parameters expressed in seconds?
>> it seems that there is a problem because i've set:
>> modparam("pike", "sampling_time_unit", 30)
>> modparam("pike", "reqs_density_per_unit", 10)
>> modparam("pike", "remove_latency", 600)
>>
>> and the routing logic is:
>> if (method=="REGISTER") {
>>                        # Checks brute-force attacks
>>                        if (!pike_check_req()) {
>>                                sl_send_reply("403", "Too many 
>> attempts!");
>>                                break;
>>                        };
>>                        if (!www_authorize("caspur.it", "subscriber")) {
>>                                www_challenge("caspur.it", "0");
>>                                break;
>>                        };
>>                        save("location");
>>                        break;
>>                };
>>
>> but when I reach the limit it blocks the requests only for less than 
>> 1 minute...
>> where is the mistake?any idea?
>>
>> thanks,
>> Stefano
>>
>> _______________________________________________
>> Users mailing list
>> Users at openser.org
>> http://openser.org/cgi-bin/mailman/listinfo/users
>>
>




More information about the Users mailing list